Category Archives: Technology

Post navigation

Foxconn’s panel arm, Innolux, most famous for building smartphone and monitor displays, has just announced that it will be cutting its workforce of 60,000, by over 10,000 at the end of 2018. These 10,000 jobs will be lost to robotics being implemented in the factory. Foxconn is making a $342M investment in Innolux to help bring production costs down and to improve production time. Foxconn is already working on new robots, that will catch the other robots, as those attempt to jump to their demise from the top of the factory.

Innolux is a liquid crystal display-making affiliate of major iPhone assembler Hon Hai Precision Industry, better known as Foxconn Technology Group. Tuan is also a technology adviser to Foxconn, Sharp and Innolux. Tuan said up to 75% of production will be fully automated by the end of 2018. Most of Innolux’s factories are in Taiwan.

I am not sure if this is good or bad. Hawaii officials have previously said that it was all a mistake, and folks pointed towards the system being hacked after this picturewas uncovered with an official password stuck on a monitor with a sticky note. Seems as though now that the alert was fully intentional.

WASHINGTON â€” The state worker in Hawaii who sent a false wireless alert warning of an inbound ballistic missile on Jan. 13 issued the message intentionally, thinking the state faced an actual threat, the Federal Communications Commission said on Tuesday.

In a public email chain, the Linux inventor Linus Torvalds, and David Woodhouse, engineer at Amazon in the UK discuss Intel’s “fix” for Meltdown/spectre. Never one to pull punches Torvalds exclaims “the patches are COMPLETE AND UTTER GARBAGE.”

I can’t even pretend to understand the technical parts of Linus’ emails, but it’s pretty obvious to see, the man isn’t happy with what Intel is doing to fix the problem. From what I can gather, Intel is putting things in the patch that are unnecessary or redundant to make it look more substantial, while having the actual fix not be enabled by default. Linus’ speculation on why it is not enabled by default is it would make Intel “look bad in benchmarks.” Thanks to fightingfi for the story

All of this is pure garbage. Is Intel really planning on making this shit architectural? Has anybody talked to them and told them they are f*cking insane. Please, any Intel engineers here – talk to your managers. If the alternative was a two-decade product recall and giving everyone free CPUs, I’m not sure it was entirely insane.

“Monday morning we are releasing more shocking undercover video from Twitter engineers exposing how they take your private information, share it, exploit it and abuse it,” O’Keefe said.

Via Project Veritas: New undercover video footage of Twitter Engineers and employees admitting that Twitter employees view”everything you post” on their servers, including private “sex messages,” and “d*ck pics.” The engineers also admit that Twitter analyzes this information to create a “virtual profile” of you which they sell to advertisers.

Our Services are not directed to persons under 13. If you become aware that your child has provided us with personal information without your consent, please contact us at privacy@twitter.com. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we take steps to remove such information and terminate the child’s account.

Misleading behavior within Intel’s technology allows any attacker to compromise and take control of Intel based computers.

Imagine someone having the capability to remotely access and operate your laptop at their whim, without you being able to do anything about it. Pretty scary thought, right? Luckily this couldn’t really happen – magic hacker tricks capable of bypassing strong passwords, firewalls and anti-malware software only exist in the movies.

It’s just that sometimes reality kicks fiction right in the teeth. In July 2017 Harry Sintonen, one of F-Secure’s Senior Security Consultants, discovered unsafe and misleading default behaviour within Intel’s Active Management Technology (AMT). AMT is Intel’s proprietary solution for remote access monitoring and maintenance of corporate-grade personal computers, created to allow IT departments or managed service providers to better control their device fleets.

AMT is no stranger to security weaknesses, with many other researchers finding multiple flaws within the system, but Sintonen’s discovery surprised even him. The security issue seems like something lifted straight from IT security officers’ worst nightmares.

“The attack is almost deceptively simple to enact, but it has incredible destructive potential. In practice, it can give a local attacker complete control over an individual’s work laptop, despite even the most extensive security measures,” Sintonen says.

So how can this be exploited in practice?

The issue allows a local intruder to backdoor almost any corporate laptop in a matter of seconds, even if the BIOS password, TPM Pin, Bitlocker and login credentials are in place. No, we’re not making this stuff up.

The setup is simple: an attacker starts by rebooting the target’s machine, after which they enter the boot menu. In a normal situation, an intruder would be stopped here; as they won’t know the BIOS password, they can’t really do anything harmful to the computer.

In this case, however, the attacker has a workaround: AMT. By selecting Intel’s Management Engine BIOS Extension (MEBx), they can log in using the default password “admin,” as this hasn’t most likely been changed by the user. By changing the default password, enabling remote access and setting AMT’s user opt-in to “None”, a quick-fingered cyber criminal has effectively compromised the machine. Now the attacker can gain access to the system remotely, as long as they’re able to insert themselves onto the same network segment with the victim (enabling wireless access requires a few extra steps).

Although the successful exploitation of the security issue requires physical proximity, this might not be as difficult for skilled attackers to organize as you might think. Sintonen lays out one probable scenario, using techniques common to cyber criminals and red teamers alike.

“Attackers have identified and located a target they wish to exploit. They approach the target in a public place – an airport, a café or a hotel lobby – and engage in an ‘evil maid’ scenario. Essentially, one attacker distracts the mark, while the other briefly gains access to his or her laptop. The attack doesn’t require a lot of time – the whole operation can take well under a minute to complete,” Sintonen says.

Combating the issue

Although solid operations security is the first step (don’t ever leave your laptop unwatched in an insecure location!), there are some basic safeguards all IT departments should implement. The system provisioning process needs to be updated to include setting a strong password for AMT, or disabling it completely if possible. IT should also go through all currently deployed machines, and organize the same procedure for them. Intel’s own recommendations for using AMT in a secure manner follow similar logic.

Now, this might be more difficult than it sounds. IT departments might find it increasingly tricky to remediate the issue on a large scale, as the required changes may be difficult to effect remotely (ironically enough). In most cases, a mass reconfiguration effort of affected devices is the only way to deal with AMT issues – not fun for a large, global organization. Our recommendation is to query the amount of affected assets remotely, and try to narrow the list down to a more manageable number. Organizations with Microsoft environments and domain connected devices can also take advantage of the System Center Configuration Manager to provision AMT.

Most importantly: if the AMT password has been set to an unknown value on a user’s laptop, consider the device suspect and initiate incident response. First rule of cyber security? Never take unnecessary risks.

My advice? When AMD-Ryzen based laptops are available, switch out of the Intel Eco-system as soon as possible. Intel had no problem sacrificing end-users privacy for performance, while AMD supported our privacy at the sake of performance years ago and learned from it and now have Secure and ultra-high performance processors in the Ryzen and EPYC series. Intel is stuck going back to the drawing board, just after the Pentium 4.

Undoubtedly there has been some loose talk about Meltdown and Spectre and its impacts on AMD CPUs. AMD just sent this over as it wants to be perfectly clear on its position on these threats.

We have seen some initial stories with a couple of inaccuracies so want to make sure we are being perfectly clear.

* There is no change to AMD’s position on our susceptibility to GPZ Variant 1 or GPZ Variant 2 (collectively called Spectre in many news reports).

* The update in relation to Variant 2 is that even though Variant 2 has not been demonstrated to work on AMD products due to differences in our micro architecture, out of an abundance of caution we are making optional micro code updates available to further contain the threat.

Again, to make it perfectly clear we have not changed our statement erlated to our susceptibility to Variant 2. Let me know if you have questions or need additional details.

These are Mark Papermaster’s previous statements to refresh your memory.

The public disclosure on January 3rd that multiple research teams had discovered security issues related to how modern microprocessors handle speculative execution has brought to the forefront the constant vigilance needed to protect and secure data. These threats seek to circumvent the microprocessor architecture controls that preserve secure data.

At AMD, security is our top priority and we are continually working to ensure the safety of our users as new risks arise. As a part of that vigilance, I wanted to update the community on our actions to address the situation.

* We believe this threat can be contained with an operating system (OS) patch and we have been working with OS providers to address this issue.

* Microsoft is distributing patches for the majority of AMD systems now. We are working closely with them to correct an issue that paused the distribution of patches for some older AMD processors (AMD Opteron, Athlon and AMD Turion X2 Ultra families) earlier this week. We expect this issue to be corrected shortly and Microsoft should resume updates for these older processors by next week. For the latest details, please see Microsoft’s website.

*While we believe that AMD’s processor architectures make it difficult to exploit Variant 2, we continue to work closely with the industry on this threat. We have defined additional steps through a combination of processor microcode updates and OS patches that we will make available to AMD customers and partners to further mitigate the threat.

* AMD will make optional microcode updates available to our customers and partners for Ryzen and EPYC processors starting this week. We expect to make updates available for our previous generation products over the coming weeks. These software updates will be provided by system providers and OS vendors; please check with your supplier for the latest information on the available option for your configuration and requirements.

*Linux vendors have begun to roll out OS patches for AMD systems, and we are working closely with Microsoft on the timing for distributing their patches. We are also engaging closely with the Linux community on development of “return trampoline” (Retpoline) software mitigations.

Intel CEO Brian Krzanich’s massive stock sale last fall — which came as the company was privately trying to contend with a major security vulnerability in its chips — could spark a mess of legal trouble for the company.

Institutional investors are already consulting with lawyers about filing a shareholder suit against the company related to the stock sale, according to a person familiar with the talks. Meanwhile, Intel could also contend with an inquiry by the Securities and Exchange Commission, legal experts said.

“I certainly think it would be intriguing to the SEC and theoretically to the US Attorney’s office,” said Joshua Robbins, a white-collar defense attorney at Greenberg Gross and a former federal prosecutor. If the SEC does launch an inquiry, he continued, “it’s going to want to know what did [Krzanich] know and when did he know it.”

The SEC declined to say whether it is investigating Krzanich’s stock sale. An Intel representative told Business Insider last week that Krzanich’s stock sale was “unrelated” to the high-profile security vulnerability which affects chips made by Intel as well as those of rival chipmakers AMD and ARM. But the Intel spokesperson declined on Monday to comment any further on the matter, including whether the company’s board of directors is reviewing the stock transactions.

Krzanich saw a $24 million windfall in late November through a combination of exercising stock options and selling shares that he owned outright. The move raised eyebrows at the time, because he essentially sold all of the stock he could; he kept only the minimum 250,000 shares he’s required to hold under his contract with Intel.

But the stock sale garnered new attention last week after Intel publicly acknowledged a security vulnerability that has plagued nearly all of its chips dating back to 1995. Intel said it had known about the vulnerability, which could allow a hacker to gain access to passwords and other secret information on a computer, since June — months before it came to the public’s attention and months before Krzanich’s stock sales.

That timeline has raised questions about the motivation behind, the timing of, and the size of Krzanich’s stock sale. Although Intel’s CEO made the sales through a pre-arranged “10b5-1” plan that automatically sells shares on a set date, he didn’t put that plan into place until the end of October, nearly five months after Intel first learned about the vulnerability.

“These are bad facts for him,” said Mercer Bullard, a securities law professor at the University of Mississippi’s School of Law.

The SEC has generally given corporate insiders wide latitude to buy and sell their companies’ stock under 10b5-1 plans. Those plans typically buy or sell a certain number of shares automatically on an executive’s behalf on a recurring, regular basis. That pre-scheduled, regular nature of 10b5-1 plans is designed to insulate corporate insiders from the charge that they are making trades based on non-public information.

But they don’t provide an absolute immunity to insider trading charges. Although insiders are generally allowed to change or replace their 10b5-1 plans, they’re forbidden from putting such plans in place or changing them when they are already in possession of material, or substantive, non-public information.

That’s why it’s going to be important to know when exactly Krzanich knew about the security vulnerability and how serious Intel believed it to be at the time. An Intel representative declined to comment on when Krzanich became aware of the vulnerability.

According to a Bloomberg story, security researchers have for years been looking for the type of vulnerability that was found in Intel’s chips and those of other chipmakers. They’ve also known for years — and publicized in research papers and at security conferences — just how dangerous such a vulnerability could be.

“You lose a lot of protections if you amend a [trading] plan when in possession of material non-public information,” said Robert Bartlett, a professor of law at the University of California-Berkeley’s School of Law.

The SEC has limited resources, doesn’t investigate every suspicious transaction, and is operating under the auspices of a pro-business, antiregulatory Trump administration. But the agency has indicated that it plans to make insider trading a priority. And Krzanich’s stock sale could make a tempting target for an investigation, especially because if the agency took action against such a high-profile figure, it could potentially serve as an object lesson for other executives, securities law experts said.

“I would anticipate given the attention this may receive that the government would feel compelled to analyze the factual data,” said Ron Geffner, a partner at Sadis & Goldberg, and a former SEC enforcement attorney.

Regardless of whether the SEC decides to take a closer look, Krzanich’s sale is already getting scrutinized by institutional investors, and that could lead to shareholder suits. The person familiar with the matter told Business Insider that there have been “multiple” inquiries to law firms from concerned investors about the CEO’s transactions, though no lawsuits have yet been filed.

If suits are filed, among the things that plaintiffs lawyers are going to look at closely is not only when Krzanich found out about the vulnerability, but whether he and Intel delayed public disclosure of it and whether there’s any evidence that such a delay was done to allow him to put his plan in place and sell his shares, said Greenberg Gross’ Joshua Robbins.

“I think investors are legitimately concerned in light of the timing,” said Darren Robbins, a partner at Robbins Geller Rudman & Dowd, a firm that represents plaintiffs in securities class action lawsuits. But even before shareholders’ attorneys or the SEC get involved, Intel’s board of directors is likely to give Krzanich’s stock sale a closer look, experts said. Boards are charged with overseeing corporate executives and frequently take the lead when questions are raised about executive actions and company management. They also can often investigate such matters and deal with them more quickly than could be done through shareholder lawsuits or through an SEC inquiry. Indeed, the SEC may well wait to see what Intel’s directors do before launching its own inquiry, experts said.

“The first question is what is the board going to do, because the board will get to this faster than the SEC,” the University of Mississippi’s Bullard said.

In general, our experience is that Variant 1 and Variant 3 mitigations have minimal performance impact, while Variant 2 remediation, including OS and microcode, has a performance impact.

Here is the summary of what we have found so far:

* With Windows 10 on AMD (2007-era PCs with Phenom, Phenom II, FX, or Ryzen) or modern Intel silicon (2016-era PCs with Skylake, Kabylake or newer CPU), benchmarks show single-digit slowdowns, but we don’t expect most users to notice a change because these percentages are reflected in milliseconds.

* With Windows 10 on older silicon (2015-era PCs with Haswell or older CPU), some benchmarks show more significant slowdowns, and we expect that some users will notice a decrease in system performance.

* With Windows 8 and Windows 7 on older silicon (2015-era PCs with Haswell or older CPU), we expect most users to notice a decrease in system performance.

* Windows Server on any silicon, especially in any IO-intensive application, shows a more significant performance impact when you enable the mitigations to isolate untrusted code within a Windows Server instance. This is why you want to be careful to evaluate the risk of untrusted code for each Windows Server instance, and balance the security versus performance tradeoff for your environment.

So in summation, with processors older than Skylake (launched in August 2015) changed the way branch prediction is being handled so that it is not more specific to indirect branches. There will be some penalty but not like what we will see in previous Intel CPU architectures. Windows 7 and 8 is going to be a bigger loser than Windows 10, with the FX-8350 outperforming the i7-4790k in many tests.

Sometimes lawyers just amaze me with how fast they can put a lawsuit together. As a matter of fact three different sets (so far) of lawyers have already filed suit against Intel since the news came out this week that their processors had significant vulnerabilities and the fix will slow them down. Anyway, this is going to be interesting over the next several months/years as these lawsuits make it through the court system. I wonder what the relief for consumers is going to be?

Legal experts said consumers would have to prove concrete damages and harm to proceed with claims. But experts also expect that consumer class-action lawsuits may be just one cost Intel will face in the wake of the Meltdown revelations.

Proof of concept source code for the Spectre and Meltdown attacks have surfaced on github today. Perusing through much of the code shows that the most egregious architecture bungle in the history of man can be accomplished with 122 lines of code according to security experts. Get ready folks. Things are about to get weird in 2018.

2: These flaws allow the entire contents of memory to be dumped for nearly any device that uses a CPU. Desktops, laptops, servers, mobile phones. Dumping memory exposes EVERYTHING.

3: Spectre affects ALL PROCESSORS. It exploits a fundamental design flaw in contemporary CPU architecture. There is no fix for current hardware.

4: Meltdown affects INTEL processors. It’s easier to pull off the attack than Spectre but has a mitigating patch. Unfortunately, the patch is expected to affect performance significantly in certain workloads.

5: The Meltdown patch still does not address Spectre, though the criticality is largely the same.

6: To reinforce the severity of the issues these attacks could present. Imagine a threat actor making their way onto an AWS cloud server and dumping / reading the entire contents of memory for everything on that server. Think about how many companies exist on a single cloud server. The amount of sensitive data present is staggering. Passwords, Log-Ins, Personal Info, Intellectual Property, Files, SSL Keys, Databases…The list goes on.

7: Vendors don’t understand the issue, with many stating Microsoft has already fixed this in an upcoming patch. Again, Meltdown can be patched. Spectre cannot. They both accomplish the same end result. Spectre is difficult to exploit, but in the hands of the right threat actor is easily doable. Once Spectre is streamlined and automated for ease of use, all bets are off.

Average Desktop User (Intel): At this point your best and only option is to apply the Microsoft KAISER patch when they become available. As this attack is also reported to have delivery via web-browser via .js, it may be plausible to block .js execution from the browser as well.

Average Desktop User (AMD): Your CPU is mostly immune, as AMD is adamant that these exploits do not affect their architecture. If anything changes, I am actively tracking and will alert you.

The Gamer (Intel): Early reports are stating 5-35% performance loss with some going as high as 50%, however, thorough performance impact benchmarks have not been widely done yet, so we really have no idea how massive of performance hit gaming on Intel CPUs will take. You could risk it and keep Windows from updating, but we would not recommend that currently.

The Gamer (AMD): Current Patches are only for Meltdown and will not affect performance, but when Spectre is patched the performance loss may be 0-2%, per AMD. Feel free to keep your computer updated and secure with no concern for the possible performance collapse Intel processors will experience.

The Admin: This is going to boil down to company policy. You will have to weigh the unknown vs. the known. Are the patches compatible with your AV suites? Will they cause an adverse business impact when deployed? Will performance impacts cause issues and what could they affect specifically? If it was me, I’d look at critical systems and start there. Sensitive data being protected is a priority. When upgrade time comes around, I would pressure the higher ups to switch to AMD EPYC based servers ASAP.